Lucene search
GoogleOSV:CVE-2022-23594HistoryFeb 04, 2022 - 11:15 p.m.
CVE-2022-23594
2022-02-0423:15:15
Google
osv.dev
5
Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming GraphDef before converting it to the MLIR-based dialect. If an attacker changes the SavedModel format on disk to invalidate these assumptions and the GraphDef is then converted to MLIR-based IR then they can cause a crash in the Python interpreter. Under certain scenarios, heap OOB read/writes are possible. These issues have been discovered via fuzzing and it is possible that more weaknesses exist. We will patch them as they are discovered.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tensorflow | eq | 1.12.1 | |
| tensorflow | eq | 1.2.0 | |
| tensorflow | eq | 1.2.0-rc0 | |
| tensorflow | eq | 1.6.0 | |
| tensorflow | eq | 1.9.0-rc1 | |
| tensorflow | eq | 1.8.0-rc0 | |
| tensorflow | eq | 1.7.0 | |
| tensorflow | eq | 0.6.0 | |
| tensorflow | eq | 0.10.0 | |
| tensorflow | eq | 0.12.0 |
Related
cve
cve
CVE-2022-23594
2022-02-04 23:15:15
cvelist
cvelist
CVE-2022-23594 Out of bounds read in Tensorflow
2022-02-04 22:32:11
nvd
nvd
CVE-2022-23594
2022-02-04 23:15:15
osv
osv
Out of bounds read in Tensorflow
2022-02-09 23:32:41
BIT-tensorflow-2022-23594
2024-03-06 11:14:43
github
github
Out of bounds read in Tensorflow
2022-02-09 23:32:41
cnvd
cnvd
Google Tensorflow Buffer Overflow Vulnerability (CNVD-2022-09865)
2022-02-09 00:00:00
prion
prion
Stack overflow
2022-02-04 23:15:00
